A remotely exploitable vulnerability has been discovered in the backup service of IBM Tivoli Storage Manager server. Specifically, the vulnerability is due to improper memory handling when processing incoming client requests and can lead to heap corruption. This vulnerability can allow attackers to inject and execute arbitrary code on the target host with System or root privileges. The vulnerability has been confirmed in IBM Tivoli Storage Manager Express version 5.3.7.3.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/75630/FSC20090310-02.txt
Source: https://packetstormsecurity.com/files/75630/IBM-Tivoli-Storage-Manager-Express-Backup-Heap-Corruption.html